package com.jiujichaoshi.oauth.server.config;

import com.jiujichaoshi.oauth.server.security.sms.SmsAuthenticationProvider;
import com.jiujichaoshi.oauth.server.security.sms.SmsCaptchaFindService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * Description:
 *
 * @author YangLong [410357434@163.com]
 * @version V1.0
 * @date 2021/2/7
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(proxyTargetClass = true, prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private UserDetailsService userDetailsService;
    @Autowired
    private SmsCaptchaFindService smsCaptchaFindService;
    @Autowired
    private PasswordEncoder passwordEncoder;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //用于生成AuthenticationManager，因为OAuth2也共用，所以这里设置的authenticationProvider在OAuth2中也使用
        auth.authenticationProvider(new SmsAuthenticationProvider(smsCaptchaFindService, userDetailsService))
                .userDetailsService(userDetailsService)
                .passwordEncoder(passwordEncoder);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/oauth/*", "/login/**", "/", "/index")
                .permitAll()
                .antMatchers(
                        HttpMethod.GET,
                        "/doc.html",
                        "/**/*.html",
                        "/**/*.css",
                        "/**/*.js"
                ).permitAll()
                .antMatchers("/webjars/**").permitAll()
                .antMatchers("/swagger*/**").permitAll()
                .antMatchers("/500", "/404", "/502", "/400").permitAll()
                .antMatchers("/v2/**").permitAll()
                .antMatchers("/file/upload").permitAll()
                .antMatchers( "/sys/**").permitAll()
                .and()
                .formLogin()
                .and()
                .authorizeRequests().anyRequest().authenticated()
                .and()
                .rememberMe()
                .key("remember")
                .tokenValiditySeconds(60 * 60 * 24 * 7)
                .userDetailsService(userDetailsService)
                .and()
                .csrf().disable();
    }

    /**
     * 将此AuthenticationManager注入到OAuth2使用，使认证互通
     *
     * @return
     * @throws Exception
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

}
